10 matches found
EUVD-2014-4575
Malware in sbrugna...
EUVD-2014-3837
Malware in sbrugna...
CVE-2025-7190
A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. This affects an unknown part of the file /admin/studenteditphoto.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. T...
PT-2024-25817 · Sourcecodester · Sourcecodester Prison Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Prison Management System version 1.0 Description: A critical issue was discovered in the Avatar Handler component, specifically affecting the /Admin/edit-photo.php file. The avatar argument is vulnerable to manipulation, leadin...
CVE-2022-3436 SourceCodester Web-Based Student Clearance System Photo edit-photo.php unrestricted upload
A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launche...
Color Splash Effect Photo Edit - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
The HackApp vulnerability scanner discovered that the application Color Splash Effect Photo Edit, published at the 'play' market, has multiple vulnerabilities...
Cross site scripting
Cross-site scripting (XSS) vulnerability in admin/picture_modify.php in the photo-edit subsystem in Piwigo 2.6.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the associate[] field, a different vulnerability than CVE-2014-4649...
CVE-2014-3900
CVE-2014-3900 affects Piwigo 2.6.3 and earlier. An XSS flaw in admin/picture_modify.php (photo-edit subsystem) allows injection of arbitrary script via the associate[] field. Root cause involves insufficient input handling; impact is user browser script execution. Exploitation status is not detai...
CVE-2014-4649
SQL injection vulnerability in the photo-edit subsystem in Piwigo 2.6.x and 2.7.x before 2.7.0beta2 allows remote authenticated administrators to execute arbitrary SQL commands via the associate[] field...
CVE-2014-4649
Piwigo contains a SQL injection vulnerability (CVE-2014-4649) in the photo-edit subsystem for versions 2.6.x and 2.7.x prior to 2.7.0beta2. The issue allows remote authenticated administrators to execute arbitrary SQL commands via the associate[] field. Affected software is Piwigo, with the root ...